Multi-paradigm frameworks for scalable intrusion detection

Research in network security and intrusion detection systems (IDSs) has typically focused on small or artificial data sets. Tools are developed that work well on these data sets but have trouble meeting the demands of real-world, large-scale network environments. In addressing this problem, improvements must be made to the foundations of intrusion detection systems, including data management, IDS accuracy and alert volume;We address data management of network security and intrusion detection information by presenting a database mediator system that provides single query access via a domain specific query language. Results are returned in the form of XML using web services, allowing analysts to access information from remote networks in a uniform manner. The system also provides scalable data capture of log data for multi-terabyte datasets;Next, we address IDS alert accuracy by building an agent-based framework that utilizes web services to make the system easy to deploy and capable of spanning network boundaries. Agents in the framework process IDS alerts managed by a central alert broker. The broker can define processing hierarchies by assigning dependencies on agents to achieve scalability. The framework can also be used for the task of event correlation, or gathering information relevant to an IDS alert;Lastly, we address alert volume by presenting an approach to alert correlation that is IDS independent. Using correlated events gathered in our agent framework, we build a feature vector for each IDS alert representing the network traffic profile of the internal host at the time of the alert. This feature vector is used as a statistical fingerprint in a clustering algorithm that groups related alerts. We analyze our results with a combination of domain expert evaluation and feature selection

Second CLIPS Conference Proceedings, volume 1

Topics covered at the 2nd CLIPS Conference held at the Johnson Space Center, September 23-25, 1991 are given. Topics include rule groupings, fault detection using expert systems, decision making using expert systems, knowledge representation, computer aided design and debugging expert systems

Data bases and data base systems related to NASA's Aerospace Program: A bibliography with indexes

This bibliography lists 641 reports, articles, and other documents introduced into the NASA scientific and technical information system during the period January 1, 1981 through June 30, 1982. The directory was compiled to assist in the location of numerical and factual data bases and data base handling and management systems

PRODUCT LINE ARCHITECTURE FOR HADRONTHERAPY CONTROL SYSTEM: APPLICATIONS DEVELOPMENT AND CERTIFICATION

Hadrontherapy is the treatment of cancer with charged ion beams. As the charged ion beams used in hadrontherapy are required to be accelerated to very large energies, the particle accelerators used in this treatment are complex and composed of several sub-systems. As a result, control systems are employed for the supervision and control of these accelerators. Currently, The Italian National Hadrontherapy Facility (CNAO) has the objective of modernizing one of the software environments of its control system. Such a project would allow for the integration of new types of devices into the control system, such as mobile devices, as well as introducing newer technologies into the environment. In order to achieve this, this work began with the requirement analysis and definition of a product line architecture for applications of the upgraded control system environment. The product line architecture focuses on reliability, maintainability, and ease of compliance with medical software certification directives. This was followed by the design and development of several software services aimed at allowing the communication of the environments applications and other components of the control system, such as remote file access, relational data access, and OPC-UA. In addition, several libraries and tools have been developed to support the development of future control system applications, following the defined product line architecture. Lastly, a pilot application was created using the tools developed during this work, as well as the preliminary results of a cross-environment integration project. The approach followed in this work is later evaluated by comparing the developed tools to their legacy counterparts, as well as estimating the impact of future applications following the defined product line architecture.Hadrontherapy is the treatment of cancer with charged ion beams. As the charged ion beams used in hadrontherapy are required to be accelerated to very large energies, the particle accelerators used in this treatment are complex and composed of several sub-systems. As a result, control systems are employed for the supervision and control of these accelerators. Currently, The Italian National Hadrontherapy Facility (CNAO) has the objective of modernizing one of the software environments of its control system. Such a project would allow for the integration of new types of devices into the control system, such as mobile devices, as well as introducing newer technologies into the environment. In order to achieve this, this work began with the requirement analysis and definition of a product line architecture for applications of the upgraded control system environment. The product line architecture focuses on reliability, maintainability, and ease of compliance with medical software certification directives. This was followed by the design and development of several software services aimed at allowing the communication of the environments applications and other components of the control system, such as remote file access, relational data access, and OPC-UA. In addition, several libraries and tools have been developed to support the development of future control system applications, following the defined product line architecture. Lastly, a pilot application was created using the tools developed during this work, as well as the preliminary results of a cross-environment integration project. The approach followed in this work is later evaluated by comparing the developed tools to their legacy counterparts, as well as estimating the impact of future applications following the defined product line architecture

Data bases and data base systems related to NASA's aerospace program. A bibliography with indexes

This bibliography lists 1778 reports, articles, and other documents introduced into the NASA scientific and technical information system, 1975 through 1980

Software: our quest for excellence. Honoring 50 years of software history, progress, and process

The Software Quality Forum was established by the Software Quality Assurance (SQA) Subcommittee, which serves as a technical advisory group on software engineering and quality initiatives and issues for DOE`s quality managers. The forum serves as an opportunity for all those involved in implementing SQA programs to meet and share ideas and concerns. Participation from managers, quality engineers, and software professionals provides an ideal environment for identifying and discussing issues and concerns. The interaction provided by the forum contributes to the realization of a shared goal--high quality software product. Topics include: testing, software measurement, software surety, software reliability, SQA practices, assessments, software process improvement, certification and licensing of software professionals, CASE tools, software project management, inspections, and management`s role in ensuring SQA. The bulk of this document consists of vugraphs. Selected papers have been indexed separately for inclusion in the Energy Science and Technology Database